<?php
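session_start();
require_once("../config/include_tokyo.inc.php");

// Access control: only an administrator (user_role 1) may use this page.
// A missing session value is treated as role 0 ("not logged in") rather than
// raising an undefined-index notice.
$userRole = isset($_SESSION['user_role']) ? (int)$_SESSION['user_role'] : 0;
if($userRole !== 1){
	if($userRole > 0){
		$url = "../index.php?loginError=2";// logged in, but not permitted
	}else{
		$url = "../index.php?loginError=3";// not logged in
	}
	// Prefer a real HTTP redirect; the script tag below stays as a fallback in
	// case output has already started.
	if(!headers_sent()){
		header("Location: " . $url);
	}
	echo "<script language='javascript' type='text/javascript'>";
	echo "window.location.href='$url'";
	echo "</script>";
	// Stop here. A client-side redirect alone does not end the request, so
	// without this the rest of the page (including the user insert/update)
	// would still run for a caller who is not an administrator.
	exit;
}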

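// Read the submitted form fields. A missing or non-string value (for example
// an array sent as user_name[]) becomes '' so later code always sees strings.
$postFields = array();
foreach (array("doFlag", "editId", "user_name", "user_password", "user_role") as $fieldName) {
	$postFields[$fieldName] = (isset($_POST[$fieldName]) && is_string($_POST[$fieldName]))
		? $_POST[$fieldName]
		: '';
}
$doFlag = $postFields["doFlag"];
$userName = $postFields["user_name"];
$userPassword = $postFields["user_password"];
$userRole = $postFields["user_role"];

// The id is only ever used as a number: keep an integer for SQL and comparisons,
// and a digits-only (or empty) string in $editId for display in the page.
$editIdValue = ctype_digit($postFields["editId"]) ? (int)$postFields["editId"] : 0;
$editId = $editIdValue > 0 ? (string)$editIdValue : '';

// Always defined, so the template can echo it on a plain page load.
$strSuccess = '';

// NOTE(review): $db is created by the include above; its Execute/EOF/fields/MoveNext
// usage looks like ADOdb, and the bound-parameter calls below (Execute($sql, $params))
// assume that - confirm against the include.
// NOTE(review): this request changes account data but no anti-CSRF token is sent by
// the form or checked here.
if($doFlag === "save"){
	// Server-side copy of the checks the browser-side checkForm() performs; the
	// browser check can be skipped by any client, so it cannot be relied on.
	$inputValid = ($userName !== '' && $userPassword !== '' && ctype_digit($userRole));
	$saved = false;
	if($inputValid){
		// NOTE(review): user_password is written to the table exactly as typed.
		// Moving to password_hash()/password_verify() needs a matching change in the
		// login code, which is not part of this file.
		if($editIdValue > 0){
			$sql = "update users set user_name=?, user_password=?, user_role=? where id=?";
			$params = array($userName, $userPassword, (int)$userRole, $editIdValue);
		}else{
			$sql = "insert into users(user_name,user_password,user_role) values (?,?,?)";
			$params = array($userName, $userPassword, (int)$userRole);
		}
		// Values travel as bound parameters, never as part of the SQL text.
		$saved = ($db->Execute($sql, $params) !== false);
	}
	if($saved){
		// This string is echoed into the page as HTML, so every submitted value is
		// escaped; the charset argument is omitted to follow the site's default_charset.
		$strSuccess =  "**********************************<br>"
		."用户保存成功<br>"
		."用户名: ".htmlspecialchars($userName, ENT_QUOTES)."<br>"
		."用户密码: ".htmlspecialchars($userPassword, ENT_QUOTES)."<br>"
		."用户角色: ".htmlspecialchars($userRole, ENT_QUOTES)."<br>"
		."**********************************<br>"	;
	}else{
		$strSuccess =  "**********************************<br>"
		."用户保存失败<br>"
		."**********************************<br>"	;
	}
}else{
	if($editIdValue > 0){
		// Load the stored values of the user being edited to pre-fill the form.
		$sql_currentUser = "select * from users where id=?";
		$result = $db->Execute($sql_currentUser, array($editIdValue));
		// A failed query yields no result object; skip the loop instead of crashing.
		while ($result && !$result->EOF) {
			$userName = $result->fields['user_name'];
			$userPassword = $result->fields['user_password'];
			$userRole = $result->fields['user_role'];
			$result->MoveNext();
		}
	}
}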




?>

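<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<!--Begin:head-->
<?php
// Full open tag: with short_open_tag disabled, "<? ... ?>" is not executed and is
// sent to the browser as text instead of setting the title.
$pageTitle = "编辑用户";
?>
<?php include("../head.php"); ?>
<!--End:head-->


<body>
<?php include("../topMenu.php"); ?>


<?php include("userMenu.php"); ?>


<form name="inputForm" action="userInput.php" method="post" onSubmit= "return checkForm()">
<div id="container" >	

<?php
// $strSuccess intentionally carries <br> markup, so it is printed as-is; any
// submitted value placed inside it has to be escaped where the string is built.
echo isset($strSuccess) ? $strSuccess : '';
?>

<div class="grayTable">	
<?php
// Every value below comes from the request or the users table and is written into
// HTML text or a quoted attribute, so it is escaped with ENT_QUOTES. The charset
// argument is omitted so htmlspecialchars() follows the site's default_charset.
?>
<h4>编辑用户:<?php echo htmlspecialchars((string)$editId, ENT_QUOTES); ?></h4>
<table >
	<tr>
		<td align="right">用户名:</td>
		<td align="left"><input type="text" name="user_name" id="user_name" size=30 value="<?php echo htmlspecialchars((string)$userName, ENT_QUOTES); ?>"></td>
	</tr>			
	<tr>
		<td align="right">用户密码:</td>
		<?php // NOTE(review): the stored password is sent back to the browser in a visible text field. ?>
		<td align="left"><input type="text" name="user_password" id="user_password" size=30 value="<?php echo htmlspecialchars((string)$userPassword, ENT_QUOTES); ?>" ></td>
	</tr>
	<tr>
		<td align="right">用户角色:</td>
		<td align="left"><input type="text" name="user_role" id="user_role" size=5 value="<?php echo htmlspecialchars((string)$userRole, ENT_QUOTES); ?>" ></td>
	</tr>
	<tr>
		<td colspan=2 align="right"><input type="submit" value="保存用户"></td>
	</tr>					
</table>	
</div>



</div><!--end container -->
<input type="hidden" name="editId" id="editId" value="<?php echo htmlspecialchars((string)$editId, ENT_QUOTES); ?>" >
<input type="hidden" name="doFlag" id="doFlag" value="save" >
</form>
</body>




</html>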

<script>

/**
 * Pre-submit check for the user edit form (wired to the form's onSubmit).
 *
 * Requires user name, password and role to be non-empty and the role to pass
 * isNaN(); on the first failure it alerts, focuses the offending field and
 * returns false so the form is not submitted.
 *
 * This runs only in the browser and is a convenience for the person typing:
 * a request sent without this page skips it entirely, so the same rules have
 * to be enforced by the server-side handler.
 *
 * @returns {boolean} true when the form may be submitted.
 */
function checkForm(){
	var requiredFields = [
		{ selector: "#user_name", emptyMessage: "用户名不能为空." },
		{ selector: "#user_password", emptyMessage: "用户密码不能为空." },
		{ selector: "#user_role", emptyMessage: "用户角色不能为空." }
	];

	// Read every field up front, then report the first empty one in form order.
	var values = requiredFields.map(function(field){
		return $(field.selector).val();
	});

	for(var i = 0; i < requiredFields.length; i++){
		if(values[i] == ''){
			alert(requiredFields[i].emptyMessage);
			$(requiredFields[i].selector).focus();
			return false;
		}
	}

	// The role is the last field read above and must look like a number.
	var roleValue = values[2];
	if(isNaN(roleValue)){
		alert("用户角色只能是数字.");
		$("#user_role").focus();
		return false;
	}

	return true;
}


</script>

